Symlink Vulnerability in Fence 2.02.00-r1 by Red Hat
CVE-2008-4580

Currently unrated

Key Information:

Vendor: Gentoo
Status: Cman; Fence
Vendor: CVE Published:; 15 October 2008

What is CVE-2008-4580?

The vulnerability identified in Fence version 2.02.00-r1 allows local users to exploit a symlink attack against the 'fence_manual.fifo' temporary file. This exploitation can lead to unauthorized modifications of arbitrary files, posing significant security risks to the affected system. Local attackers can leverage the vulnerability to gain elevated access to sensitive files and configurations, thereby compromising the integrity and security of the environment.

References

http://www.openwall.com/lists/oss-security/2008/10/16/1

mailing-listx_refsource_MLIST

http://bugs.gentoo.org/show_bug.cgi?id=240576

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/45953

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 15, 2008
Vulnerability Reserved
Oct 15, 2008

Gentoo

What is CVE-2008-4580?

References

Timeline